CyberVoices

Dear Minister Solomon: How a security-first playbook can turn Canada into the world’s AI safety moat.

Minister, 

Two weeks into your new portfolio, the most urgent risk in artificial intelligence (AI) isn’t a chatbot’s hallucination, it’s a fraudster wearing a perfect digital mask. In February, scammers cloned a CFO, staged a video call and convinced an employee of U.K. engineering firm Arup to wire US$25 million out the door. The entire “meeting” was synthetic, right down to the background banter.  

Canada’s own institutions have already felt the wave: deepfake complaints logged by cyber-crime units rose from single digits in 2022 to hundreds each month this year. 

We missed the model gold rush, that’s OK 

By 2024 the United States poured US$109 billion into private-sector AI, 12 times China’s spend and 24 times Britain’s. Our venture capital went south with it.

But there’s a green-field market nobody owns yet: AI security. Analysts peg the “AI-in-cybersecurity” segment at US$60 billion by 2028, tripling in five years. Guarding systems, not building the biggest one, is the next profit pool and Canada’s brand of neutrality, rule-of-law and cryptography talent is tailor-made for it. 

The anatomy of AI insecurity 

Deepfakes are the flashiest threat, but hardly the only ones. Prompt injection jailbreaks let outsiders hijack corporate chatbots; data-poisoning flips a model’s moral compass; supply-chain tampering can swap “safe” weights for booby-trapped lookalikes.

Canada’s small firms are already reeling: 28 per cent were hit by ransomware last year and half say they lack the staff to monitor new AI-driven threats. The wider landscape is bleak enough that Fortinet’s 2024 Global Threat report ranked Canada among the three most targeted nations on earth. 

We’ve done this before. At its peak, BlackBerry sold fewer phones than Apple yet ruled the boardroom because its crypto was bullet-proof. The company still blocks 600,000 critical-infrastructure attacks per quarter through its QNX and Cylance stack. The lesson: security, baked in by people who live and breathe it, travels better than shiny features.

Apply that mindset to AI pipelines from data ingestion to model deployment and “Canadian safety inside” can be the next global seal. 

What Canadian boards and CEOs must do ASAP 

• Inventory your AI supply chain. Track every data set, pre-trained weight, plug-in and third-party API. If you can’t map it, you can’t secure it. 

• Adopt baseline frameworks. The National Institute of Standards and Technology (NIST) AI risk-management framework and the Canadian Centre for Cyber Security’s (CCCS’s) June 2024 guidance give practical checklists for threat modelling, testing and monitoring. 
• Red-team the model, not just the network. Vendors now offer “AI pentest-as-a-service” that simulates prompt injection, data poisoning and fine-tuning attacks without touching production traffic. 
• Train staff against synthetic fraud. Arup’s loss began with one employee on a call that looked “just good enough.” Run voice-clone drills exactly as you run phishing simulations.
• Tie executive bonuses to provable AI-risk KPIs, and the culture will shift overnight. 

What Ottawa (and you, Minister) must do next 

• Add a “security lens” annex to the Artificial Intelligence and Data Act (AIDA), every regulated AI system should file an adversarial-threat model and disclose incidents within 72 hours, the same discipline we demand for privacy breaches. 
• Write a crown secure-procurement standard. No federal contract should buy or licence an AI tool without evidence of red-team testing and a hard patch-window service-level agreement (SLA). 
• Offer a 30 per cent refundable tax credit for AI-security research and development (R&D). Mirror scientific research and experimental development (SR&ED) but ring-fence it for projects that harden models or detect misuse. 
• Launch a national AI red team. Pair CCCS, university labs and startups to run continuous adversary-emulation against public models. Release findings (and mitigation scripts) under an open licence so Canadian small and medium-sized businesses (SMBs) aren’t priced out of resilience. 

Closing rally 

Security powerhouses don’t win by building bigger engines; they win by inventing better brakes. The world already calls on Canadians to referee trade talks and peacekeeping missions precisely because we are trusted. Let’s weaponize that trust for the AI age.

Minister, announce an AI safety moonshot in this fall’s fiscal update and fund the guardrails the world desperately needs. We don’t have to out-ChatGPT OpenAI. We just have to make sure everyone’s ChatGPT, Gemini or Claude runs on infrastructure stamped “Made-Secure-in-Canada.”

Because the last thing Canadians (and our allies) need is another brilliant invention shipped south and then protected by someone else. 

Generative AI without generative security is like a self-driving car without brakes. 

Ali Dehghantanha is Canada’s research chair in cybersecurity at the University of Guelph.